Oracle Fusion Middleware Command-Line Usage Guide for Oracle Unified Directory 11g Release 1 (11.1.1) |
The oud-replication-gateway-setup command is used to set up the replication gateway instance.
oud-replication-gateway-setup [options]
The oud-replication-gateway-setup command installs and configures a replication gateway instance, including specifying the ports on which it will listen, the DN and password for the initial root user, and the base DN for the replication gateway data. The replication gateway allows replication to work between a set of Oracle Directory Server Enterprise Edition servers and a set of Oracle Unified Directory servers.
The utility can be run in one of the following modes:
Graphical user interface (GUI) mode. GUI mode is the default and recommended installation option. The oud-replication-gateway-setup GUI provides an easy interface for installing and configuring replication servers in replicated multi-network environments. GUI mode also allows for easy server setup using SSL or StartTLS if desired.
The utility launches the graphical installer and creates the Oracle Unified Directory instance in OUD-base-location/instance-dir. The default instance directory name is asinst_1, with subsequent instances on the same server named asinst_2, asinst_3, and so on.
Command-line interface (CLI) mode. The command-line mode is either interactive or non-interactive. The interactive CLI mode prompts you for any required information before the configuration begins, and is used with the --cli option, or if no GUI is available.
The utility launches the command-line installer and creates the Oracle Unified Directory instance in OUD-base-location/instance-dir. The default instance directory name is asinst_1, with subsequent instances on the same server named asinst_2, asinst_3, and so on.
The non-interactive CLI mode enables you to set up the server without user intervention. Use the --no-prompt and the --quiet options to suppress interactivity and output information, respectively.
When the oud-replication-gateway-setup command is run without any options, it starts in GUI mode but falls back to interactive command-line mode if no GUI is available. To run the setup in interactive command-line mode use the --cli option. Note that no options are allowed if the command is run in GUI mode.
The oud-replication-gateway-setup command accepts an option in either its short form (for example, -i) or its long form equivalent (for example, --cli).
Use the command line install. If not specified the graphical interface will be launched. The rest of the options (excluding help and version) will only be taken into account if this option is specified.
The fully-qualified name of the host where the replication gateway will be installed. The Oracle Directory Server Enterprise Edition and Oracle Unified Directory servers in the replication topology must be able to access this hostname. If this option is not provided, a default of localhost is used.
Specifies the port on which the administration connector should listen for administration traffic. For information about the administration connector, see Managing Administration Traffic to the Server in Oracle Fusion Middleware Administration Guide for Oracle Unified Directory. The configuration and administration tools use this port to connect to the replication gateway. The default value is 4444.
Specifies the port that is used by the Oracle Directory Server Enterprise Edition server to communicate with the replication gateway to replicate contents.
Do not make any attempt to determine whether the specified port is available. Normally, when this option is not present, the oud-replication-gateway-setup command verifies that the port is not in use and that the user running the command can bind to it. With the --skipPortCheck option, the oud-replication-gateway-setup command skips the port check.
DN for the initial root user for the replication gateway.
Password for the initial root user for the replication gateway.
Path to a file containing the password for the initial root user for the replication gateway.
Do not start the replication gateway when the configuration is completed.
Specify the base DN of the data to be replicated between the Oracle Unified Directory and the Oracle Directory Server Enterprise Edition server. Multiple base DNs can be provided by using this option multiple times.
The fully-qualified name of the host or IP address of the Oracle Directory Server Enterprise Edition server whose contents will be replicated.
Specifies the port number of the Oracle Directory Server Enterprise Edition server whose contents will be replicated. This port is used by the replication mechanism to replicate contents.
Specifies the DN that is used to bind the Oracle Directory Server Enterprise Edition server whose contents will be replicated.
Specifies the password that is used to bind the Oracle Directory Server Enterprise Edition server whose contents will be replicated.
Specifies the file that stores the password that is used to bind the Oracle Directory Server Enterprise Edition server whose contents will be replicated.
Specifies if the replication updates between the Oracle Directory Server Enterprise Edition server and the replication gateway are sent encrypted or not. If you enable this option, then you must specify the certificate to be used by the server using the options in Replication Gateway Security Options and the port specified using argument --portLegacy must be an LDAP port.
Uses client authentication to send replication updates from the replication gateway to the Oracle Directory Server Enterprise Edition server. You can use this option only if the --secureReplicationLegacy option is also used.
Specifies the file that contains the certificate to be used in client authentication mode when the replication gateway connects to the Oracle Directory Server Enterprise Edition server to send replication updates. The file must contain the certificate in X.509 format.
Do not propagate the updates made in the Oracle Unified Directory servers to the Oracle Directory Server Enterprise Edition server. If you use this option, the changes made directly in the Oracle Unified Directory servers will not be propagated to the Oracle Directory Server Enterprise Edition server replication topology.
If you specify this argument and the replication gateway sends replication updates to the Oracle Directory Server Enterprise Edition server using an encrypted communication (specified using the --secureReplicationLegacy argument), then you will have to update the trust store used by the replication gateway with the server certificate of the Oracle Directory Server Enterprise Edition server for replication to work.
Uses client authentication to send replication updates from the Oracle Directory Server Enterprise Edition server to the replication gateway. You can use this option only if the --secureReplicationLegacy option is also used.
Generates a self-signed certificate that the replication gateway will use as server certificate when accepting encrypted connections from the Oracle Directory Server Enterprise Edition server.
Use a certificate in a PKCS#11 token that the replication gateway will use as server certificate when accepting encrypted connections from the Oracle Directory Server Enterprise Edition server.
Specifies the path of a Java Key Store (JKS) that contains a certificate that the replication gateway will use as server certificate when accepting encrypted connections from the Oracle Directory Server Enterprise Edition server.
Specifies the path of a JCEKS that contains a certificate that the replication gateway will use as server certificate when accepting encrypted connections from the Oracle Directory Server Enterprise Edition server.
Path of a PKCS#12 key store that contains the certificate that the replication gateway will use as server certificate when accepting encrypted connections from the Oracle Directory Server Enterprise Edition server.
Specifies the certificate key store PIN. It is required to access the key store that contains the certificate (JKS, JCEKS, PKCS#12, or PKCS#11) that the replication gateway will use as server certificate. This is required when the replication gateway is configured to have an encrypted replication communication with the Oracle Directory Server Enterprise Edition server.
Specifies the file containing the certificate key store PIN. It is required to access the key store that contains the certificate (JKS, JCEKS, PKCS#12, or PKCS#11) that the replication gateway will use as server certificate. This is required when the replication gateway is configured to have an encrypted replication communication with the Oracle Directory Server Enterprise Edition server.
Specifies the nickname of the certificate that the replication gateway will use when accepting encrypted connections from the Oracle Directory Server Enterprise Edition server.
The fully-qualified name of the host or IP address of the Oracle Unified Directory server whose contents will be replicated.
Specifies the port number of the Oracle Unified Directory server whose contents will be replicated.
Specifies the DN that is used to bind the Oracle Unified Directory server whose contents will be replicated. If this attribute is not specified the global administrator is used to bind.
Specifies the password that is used to bind the Oracle Unified Directory server whose contents will be replicated. If no bind DN is specified for this server the password of the global administrator is used to bind.
Specifies the file that stores the password that is used to bind the Oracle Unified Directory server whose contents will be replicated. If no bind DN is specified for this server the password of the global administrator is used to bind.
Specifies the port used by the replication mechanism in the Oracle Unified Directory server to communicate with other Oracle Unified Directory servers. You have to specify this option only if you have not configured replication for the provided Oracle Unified Directory server.
Specifies whether the communication through the replication port of the Oracle Unified Directory server is encrypted. This option is only taken into account if replication is not configured on the Oracle Unified Directory server.
Specifies the user ID of the Global Administrator to use to bind to the Oracle Unified Directory server. If you have not defined a Global Administrator in the Oracle Unified Directory, then the Global Administrator is created using the provided data. The default value is admin.
The global administrator password.
The file that contains the password of the global administrator.
These are SASL bind options.
SASL is not supported for Oracle Unified Directory proxy.
Trust all server SSL certificates that the server presents. This option can be used for convenience and testing purposes, but for security reasons a trust store should be used to determine whether the client should accept the server certificate.
Use the client trust store certificate in the specified path. This option is not needed if --trustAll is used, although a trust store should be used when working in a production environment.
Use the password needed to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password in order to access its contents (which most trust stores do not require). This option must not be used in conjunction with --trustStorePasswordFile.
Use the password in the specified file to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password in order to access its contents (most trust stores do not require this). This option must not be used in conjunction with --trustStorePassword.
Use the client keystore certificate in the specified path.
Use the password needed to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePasswordFile.
Use the password in the specified file to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePassword.
Use the specified certificate for SSL client authentication.
Specifies the maximum length of time (in milliseconds) that can be taken to establish a connection. Use 0 to specify no timeout. The default value is 30000.
Run setup in non-interactive mode. If some data in the command is missing, the user will not be prompted and the command will fail.
Run in quiet mode. No output will be generated unless a significant error occurs during the process.
Run in verbose mode, displaying diagnostics on standard output.
Indicate that the command will not use a properties file to get the default command-line options.
Specify the path to the properties file that contains the default command-line options.
Display command-line usage information for the command and exit without making any attempt to stop or restart the server.
Display the version information for the directory server and exit rather than attempting to run this command.
The following examples show how to use the replication server commands.
Example 1-30 Running oud-replication-gateway-setup in GUI Mode
The following command runs an installation in GUI mode:
$ oud-replication-gateway-setup
The utility launches the graphical installer and creates the Oracle Unified Directory instance in OUD-base-location/instance-dir. The default instance directory name is asinst_1, with subsequent instances on the same server named asinst_2, asinst_3, and so on. To specify a different instance name, set the INSTANCE_NAME environment variable before you run the setup, for example:
$ export INSTANCE_NAME=my-oud-instance
The GUI is launched and provides several screens that walk you through setting up your replication server in standalone or replicated environments. You also have the option to set up SSL or StartTLS certificates.
Example 1-31 Running oud-replication-gateway-setup in Interactive Mode From the Command Line
The oud-replication-gateway-setup command can be run in interactive mode, where you are prompted for installation options. To run oud-replication-gateway-setup in interactive mode, type the following command:
$ oud-replication-gateway-setup --cli
The command prompts you for the required setup values. Press Enter or Return to accept the default, or enter a value at the prompt.
The utility launches the command-line installer and creates the Oracle Unified Directory instance in OUD-base-location/instance-dir. The default instance directory name is asinst_1, with subsequent instances on the same server named asinst_2, asinst_3, and so on. To specify a different instance name, set the INSTANCE_NAME environment variable before you run the setup, for example:
$ export INSTANCE_NAME=my-oud-instance
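The option rules described above (options are only honoured with --cli, --trustAll is meant for testing, and the password and password-file forms must not be combined) can be checked before a scripted, non-interactive run. The following shell function is an added example, not part of the Oracle documentation or tooling. The name check_gateway_args and the sample values are hypothetical, only option names that appear on this page are recognized, and the command-line password finding is an added hardening check rather than a rule stated here.

```shell
#!/bin/sh
# Added example (not Oracle's code): lint an oud-replication-gateway-setup
# argument list against the option rules stated on this page.
# Only option names that appear on the page are recognized.

finding() { n=$((n + 1)); echo "finding: $1"; }

# Prints one finding per line; returns the number of findings (0 = clean).
check_gateway_args() {
  n=0 cli=0 opts=0 trust_all=0 ts_path=0 ts_pw=0 ts_pwf=0 ks_pw=0 ks_pwf=0
  for arg in "$@"; do
    case "${arg%%=*}" in   # handles "--opt value" and "--opt=value"
      -i|--cli)                 cli=1 ;;
      --help|--version)         ;;  # honoured without --cli
      --trustAll)               opts=1 trust_all=1 ;;
      --trustStorePath)         opts=1 ts_path=1 ;;
      --trustStorePassword)     opts=1 ts_pw=1 ;;
      --trustStorePasswordFile) opts=1 ts_pwf=1 ;;
      --keyStorePassword)       opts=1 ks_pw=1 ;;
      --keyStorePasswordFile)   opts=1 ks_pwf=1 ;;
      -*)                       opts=1 ;;
    esac
  done
  if [ "$opts" -eq 1 ] && [ "$cli" -eq 0 ]; then
    finding "options other than help/version are ignored without --cli"
  fi
  if [ "$trust_all" -eq 1 ]; then
    finding "--trustAll accepts any server certificate; use --trustStorePath in production"
  fi
  if [ "$ts_pw" -eq 1 ] && [ "$ts_pwf" -eq 1 ]; then
    finding "--trustStorePassword and --trustStorePasswordFile are mutually exclusive"
  fi
  if [ "$ks_pw" -eq 1 ] && [ "$ks_pwf" -eq 1 ]; then
    finding "--keyStorePassword and --keyStorePasswordFile are mutually exclusive"
  fi
  if [ $((ts_pw + ts_pwf)) -gt 0 ] && [ "$ts_path" -eq 0 ]; then
    finding "trust store password given but --trustStorePath is missing"
  fi
  # Added hardening check, not a rule from the page: command-line arguments
  # can be visible to other local users through the process list.
  if [ $((ts_pw + ks_pw)) -gt 0 ]; then
    finding "password passed on the command line; use the matching ...PasswordFile option"
  fi
  return "$n"
}

# Constructed sample invocation (values are made up).
check_gateway_args --cli --trustAll --keyStorePassword changeit ||
  echo "$? finding(s)"
```

Run the function with the same arguments you intend to pass to the setup command, and proceed only when it returns 0.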
Successful completion or successful no-op.
Error unexpected. Potential bug.
Error user data. Cannot parse options, or data provided by user is not valid.
Error server already installed.
Error initializing server.
The directory server supports the use of a properties file that passes in any default option values used with the oud-replication-gateway-setup command. The properties file is convenient when working in different configuration environments, especially in scripted or embedded applications. For more information, see Using a Properties File With Server Commands.
All the oud-replication-gateway-setup options can be stored in a properties file. Entries in the properties file have the following format:
toolname.propertyname=propertyvalue
For example:
oud-replication-gateway-setup.hostname=grevalon:1444
The oud-replication-gateway-setup command writes a log file named oud-setup-IDnumber where IDnumber is a decimal number. The log files are located at these paths:
UNIX (Solaris): /var/tmp/
Linux: /tmp/
Windows: %TEMP%
By default, this folder is C:\Documents and Settings\User\Local Settings\Temp.
The oud-replication-gateway-setup command is located at these paths:
UNIX and Linux: install-dir/oud-replication-gateway-setup
Windows: install-dir\oud-replication-gateway-setup.bat